Privacy Policy
1. Data Controller
DeadBrand is a trademark intelligence platform operated via hendekaorchestra.com. For the purposes of applicable data protection laws, including the EU General Data Protection Regulation (GDPR), DeadBrand acts as the data controller for personal data collected through this platform.
Contact: deadbrand@hendekaorchestra.com
2. Data We Collect
Account Data
When you create an account, we collect your email address and name.
Payment Data
Payments are processed by Stripe. DeadBrand does not store your credit card numbers or full payment card details. Stripe processes and stores your payment information in accordance with their own privacy policy and PCI-DSS requirements.
Usage Data
We collect information about how you use the platform, including pages visited, searches performed, and features used. This data helps us improve the service and understand usage patterns.
Technical Data
When you access DeadBrand, we automatically collect certain technical information, including your IP address, browser type and version, and device information.
Cookies
We use session cookies strictly for authentication purposes. See Section 4 for full details on our cookie practices.
3. Legal Bases for Processing (GDPR Article 6)
We process your personal data on the following legal bases:
| Legal Basis | Purpose |
|---|---|
| Contract performance | Account creation, service delivery, payment processing, and subscription management |
| Legitimate interest | Service improvement, platform security, fraud prevention, and usage analytics |
| Consent | Marketing communications (opt-in only; you can withdraw consent at any time) |
| Legal obligation | Tax records, accounting records, and compliance with applicable laws |
4. Cookies
DeadBrand uses a minimal cookie approach:
- Session cookies — Used strictly for authentication and maintaining your logged-in session. These are strictly necessary cookies and do not require consent under applicable regulations.
We do not use:
- Third-party tracking cookies
- Advertising or retargeting cookies
- Third-party analytics cookies
5. Data Sharing
We share personal data only with the following service providers, strictly for the purposes described:
- Stripe — Payment processing. Stripe's privacy policy governs their handling of your payment data.
- Resend — Transactional email delivery (account confirmations, notifications, billing receipts). Resend's privacy policy governs their handling of your data.
We do not sell your personal data to third parties. Ever.
Beyond the service providers listed above, we do not share your personal data with any other parties, except where required by law, regulation, or valid legal process.
6. International Data Transfers
All primary data storage occurs on servers located within the European Union.
Our service providers Stripe and Resend may process some data outside the EU in the course of providing their services. Where such transfers occur, they are conducted under appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission, to ensure an adequate level of data protection.
7. Your Rights
Regardless of your location, DeadBrand extends the following data protection rights to all users:
- Right of access — You can request a copy of the personal data we hold about you.
- Right to rectification — You can request correction of inaccurate or incomplete personal data.
- Right to erasure — You can request deletion of your personal data, subject to applicable legal retention requirements.
- Right to restrict processing — You can request that we limit how we process your data in certain circumstances.
- Right to data portability — You can request your data in a structured, commonly used, machine-readable format.
- Right to object — You can object to processing based on legitimate interests.
- Right to withdraw consent — Where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of prior processing.
- Right to lodge a complaint — You have the right to lodge a complaint with a supervisory authority. For Italy, this is the Garante per la protezione dei dati personali.
How to Exercise Your Rights
To exercise any of these rights, contact us at deadbrand@hendekaorchestra.com. We will respond to your request within 30 days.
8. Data Retention
| Data Type | Retention Period |
|---|---|
| Active account data | Retained while your account remains active |
| Data after account deletion | Deleted within 30 days of account closure |
| Payment and billing records | Retained for 10 years per Italian tax law |
| Server logs | Retained for 90 days |
9. Security
We implement appropriate technical and organizational measures to protect your personal data, including:
- HTTPS encryption for all data in transit
- Data stored on servers located within the European Union
- Access controls limiting data access to authorized personnel only
- Regular security reviews and assessments
While we strive to protect your personal data, no method of transmission or storage is completely secure. We cannot guarantee absolute security.
10. Children
DeadBrand is not directed at individuals under the age of 16. We do not knowingly collect personal data from anyone under 16. If we become aware that we have collected personal data from a person under 16, we will take steps to delete that information promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised "Last updated" date.
For material changes that significantly affect how we process your personal data, we will notify you via email at least 30 days in advance of the changes taking effect.
12. Contact
For any questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us at: